So next time someone scrapes my website - where do I send the cease and desist?

(I know google, the host etc etc... but this is one of the many)

Who was Stephen King hiding from when he published books under the name of Richard Bachman? Who was Samuel Clemens hiding from when he published books under the name of Mark Twain?

Are these men not publishing?

No they are NOT publishers, they are authors, the publishers are well identified in the (printed) books.

It's not about hiding the author, it's about exposing the publisher. If you want to hide who you are and get your message out, there are other options than buying a domainname.

I want to have the right to know who you are, how to contact you (who to sue?) if you have a fixed IP or a domainname to do with as you please.
I want that info to be accurate and verified by the registrars, and I fully deplore the mere existence of "anonymous" registrations, whoever is doing those deserves to have the full liability of anything going wrong.

Is there any evidence at all that law enforcement officials have been hindered in their investigations if they come across a domain registered using a WHOIS privacy service?

Law enforcement often doesn't touch "internet" cases, for whatever reason from not understanding to too much work.

Moreover e.g. a C&D letter doesn't need a lawyer and certainly not law enforcement as long as you know who to send to.

Law enforcement often doesn't touch "internet" cases, for whatever reason from not understanding to too much work.

I'm really not trying to wind you up, but if this really is an accurate description of things where you are, perhaps you could/should campaign for changes/improvements to law enforcement in your jurisdiction rather than worrying about WHOIS information? :-(

Moreover e.g. a C&D letter doesn't need a lawyer and certainly not law enforcement as long as you know who to send to.

Now I'm curious - do you find a cease and desist direct to the WHOIS contact is effective in the majority of cases? I'd always assumed it was a waste of time and that you'd be better off going straight to the ISP (?)

Another reason to keep whois is because if the site owner's info is hidden you can just about image the problems this will cause InterNic because everyone will write them for every copyright infringement.

Ok I understand that people want more transparency and/or the ability to look up information about a website owner.

WHOIS, however, is not the way to do that. It's not difficult to use private registration, or a front, or fake information.

While on the other side of the coin, if someone wants their domain registration to be completely legit they are currently forced to disclose personal contact information that is absolutely guaranteed to get them cold calls and spam.

Lots and lots of spam. With the current WHOIS system, you may as well ditch your email account before you add it to your domain registration and save yourself some time.

If a website is being used for any commercial purpose the owner of that site is putting the information in the public domain and should therefore have to put their details in the open as the publishing company (those people who write for the site may be kept entirely hidden from the public)

What...? Says who? Since when is the content on my commercial site in the public domain?

This thread has left orbit and is heading for deep space. :D

I think there is some confusion here about what the Whois info implies. The owner of the domain name is usually the owner of the website, but this is not necessarily the case. I could own a domain name and allow someone else to run a site under that name.

I would not trust a commercial site that did not have contact information on the site, but this is a separate issue to the Whois info. The domain name is just a human-friendly form of the internet address of the site, and ownership of the domain name should not imply ownership of the site. I assume that the situation is similar to a landlord who rents a building to someone who runs a business from it. The landlord would not be held responsible for what the business does.

In practice this applies. An ISP can ban a site from its servers, but it cannot ban the use of the domain name. Also its possible to move the pages of a site to a new domain name - a new domain name is being used but the content of the site is the same.

The usual caveat that I have no legal expertise whatsover applies. :)

Then every buying and selling of domains between domainers will have to go through escrow since buyer has no way to verify ownership before executing the deal. This is so expensive.

If you want to hide who you are and get your message out, there are other options than buying a domainname.

Perhaps, but why should that option be closed to me simply because I don't want everyone knowing my name, address, phone number, and e-mail? I suppose the author / publisher argument was easily shot down, and I understand your points, but trying to compare the internet to any other traditional media will fail every time. In the same way that Stephen King is NOT a publisher, my domain name is NOT a publishing company. If I need register all my personal info just so I can have a voice on the Internet, of all places, then what's even the point?

I can certainly understand the need for accountability, and I could understand if you wanted personal information REGISTERED for each domain purchased... but there is no need to make that information public. The publicizing of that information should be done on the front end of the site, not the backend... and that's the responsibility of the company or person responsible for the site's content. That's who you should be worrying about anyway.

>Can I listen to your phone calls? Can I read your emails? Why not, what are you trying to hide? That's a faulty lign of reasoning. Right to privacy doesn't require justification.

Well as it happens you can with technology available today, if you are that way inclined. I really don't have much, if anything to hide.

More to the point, in Great Britain there are laws which state, the owners of commercial domains must make public their contact details.

>Should I now either be forced to reveal my true identity or stop publishing my website?

You would not be able to do so legally, if you made money out of the site and were based in England.

>As far as I'm concerned "caveat emptor" when it comes to the internet.

I would agree with you there. In a consumer society this is more often than not the case.

>If you can't verify who owns the site... you have every right to not do business with them.

So you are making a distinction between publishing information and consumer based sites? I too would like to see this. But, it seem the search engines cant do this for us. Their attempts to reify businesses through automated analysis of websites has thus far been a poor one.

Consumers in a consumer society should have rights. If Joe Blogs goes to a website and doesn't read it but just buys something, should he not have some comeback on that purchase? Reading on the web is harder than reading a book. One day perhaps this will not be the case but most people don't read your stuff, they just buy something quickly. Having access to whois, Joe Blogs may have someone to write to the office of fair trading about when something goes wrong. I believe my own customers deserve this right.

I see the discussion going on but why the big fuss about scrapping WhoIs? I find it a useful tool sometimes if I find a domain that I am interested in but is already registered. It allows me to contact the owner to initiate a dialogue.

My registrar allows free private registration, which from this topic I can assume is not the norm? I do own a few domains that I keep under private registration (for personal reasons) but others I'm willing to sand out and say "Yes, this site is owned and operated by me" mainly to show people that it is me who is running the site and they already know my intentions (since most of them are for a large niche community where a lot of people know a lot of people).

Maybe a good alternate is to have registrars allow people to pick and choose what gets displayed though the WhoIs information. Sure, they'll have all of your information, but maybe include options to:

- Display or hide specific pieces of information, name, address, and/or phone number etc.

- Free forwarding of emails to admin@example.com or contact@example.com (to your email address) so that your email is not displayed but people can still contact you.

-Opt out all together of WhoIs inquiries (WhoIs inquiry will show registrar and maybe an admin@example.com email for forwarding) (free private registration)

These are just a few suggestions but I'm sure there can be a way that most of the masses would be content with it.

More to the point, in Great Britain there are laws which state, the owners of commercial domains must make public their contact details.

Err... I'm curious - which specific UK and/or EU law(s) deal with WHOIS and domain names?

There are laws which say that commercial websites must publish contact details on the site, but do these laws actually specify a public WHOIS entry as well? (I'd always assumed WHOIS was dealt with by Nominet's policies rather than legal requirements... but I could be wrong)

Should I now either be forced to reveal my true identity or stop publishing my website?

You would not be able to do so legally, if you made money out of the site and were based in England.

This argument sounds slightly fuzzy - are we talking about "making money out of the site" or are we talking about being a "commercial entity".

Plenty of blogs display adverts - do writers of such blogs have to publish their contact details?

Plenty of hobby sites are hosted on ISPs which include pop-up adverts. Someone is making money out of those sites - are they now classed as "commercial" in the eyes of the (UK) law?

IANAL but this sounds like (yet another) legal minefield ...

This could turn into a legal arguement but I will not take it any further. Clarification of Uk E-Commerce law can be seen here.

[oft.gov.uk...]

My real point was, whois information makes plain, to the public, who is making the information public. I still believe consumers and the public in general should have a right to know that.

I feel domain names are the same as a trademark, patent or real estate. They are matters of public record with the whois info being the public record to show ownership or control.

Whois info doesn't always coincide with website info in the same way a privately owned restaurant owners address doesn't match the property tax records of its landlord. They share an address but typically when you search for the address you will find the business not the owner of the building the business is in. (weak example I know).

I used to believe all things were taken care of for me and I was protected if they weren't. Some tough lessons were learned and since then I have learned it is my right and a reasonable action to ensure I take my privacy in my own hands.

While legislation to protect privacy can be good - I find that the "bad apples" have no such legislation in their rule books.

It is possible and legitimate to purchase mail forwarding services or maildrop services that use suite numbers in whois contact info.

It is possible and reasonable to get an inexpensive business license to use an "alias" or DBA (Doing Business As) on it so your name isn't posted directly (your domain is an business investment isn't it?). Only law enforcement or skip tracers like to use business licenses to track people down (every rule has an exception) ... And if your doing that much wrong well...

It is possible and useful to pay for a full business grade 1-800 / 877 /888 voicemail, fax service and email with web access to check for real faxes, emails or voice messages.

So now, I have a decently hidden name, address, email, phone number and fax. People that -need- to contact me, can. I am not breaking any rules and I have fair degree of privacy. If your a celebrity you may need another level or two but always make sure you have access to these services directly or you can get in trouble.

There, privacy issues solved by the users, without using government to legislate "something".

Now heres the real problem - when the kids who are growing up now realize you have "THEIR" domain name and start using the contact now forms to voice their displeasure... :-) I have gotten some 'good' emails and voicemails over this on domains I own and use daily and I am glad I have these layers of identity protection set up while they learn the ropes.

Cheers!

Moreover e.g. a C&D letter doesn't need a lawyer and certainly not law enforcement as long as you know who to send to.

Now I'm curious - do you find a cease and desist direct to the WHOIS contact is effective in the majority of cases? I'd always assumed it was a waste of time and that you'd be better off going straight to the ISP (?)

The trouble is with domains that skip over multiple IP addresses, each with different ISPs. If you have to work with all of them, you'll be a long way from home.These cases are sometimes referred to as "fast-flux", as they might just skip to the next IP address every time they loose the previous one. In these cases it's much more effective to go after the domainname (owner).
In some cases registrars are cooperative, but not always, not for everything a domain can do wrong.

Moreover if you see a suspicious thing, a quick look at whois info can often get you confirmation on wether it's innocent or evil.

OFF TOPIC!

>The trouble is with domains that skip over multiple IP addresses, each with different ISPs.

Yet what do the search engines do if multiple domains are all on one IP?

The following message was cut out to new thread by webwork. New thread at: domain_names/3494478.htm [webmasterworld.com]
5:43 am on Nov. 2, 2007 (utc -5)

I completely agree that commercial website should not be able to be anonymous. However as some of us have pointed out ownership of the domain name does not necessarily infer ownership of the site. This thread is about Whois, and comments about website ownership are a separate issue.

This could turn into a legal arguement but I will not take it any further. Clarification of Uk E-Commerce law can be seen here.

[oft.gov.uk...]

That document doesn't mention the terms 'whois' or 'domain name' (or even 'website'...) - IANAL, but I can only assume that whois isn't even close to a legal requirement.

My real point was, whois information makes plain, to the public, who is making the information public. I still believe consumers and the public in general should have a right to know that.

For the Nth time in this thread... "Domain name" does not equal "website".

Owning a domain name does not mean I am publishing information (except in the ultra-literal sense of a domain owner publishing her DNS records).

The vast majority of the public doesn't even know the whois information exists, let alone how to query it. If you think you're helping the public by maintaining whois records, think again. In my view, whois information is used almost exclusively by techies, lawyers and spammers. Three groups of people we all love... to hate ;-).

If you want to insist that anyone making information public has to provide a contact address, that's fine, but does this really have much to do with domain names? :-)

does this really have much to do with domain names?

He who controls the domain name controls the website, no?

He who controls the domain name controls the website, no?

Often yes, but not necessarily. For example if I owned a valuable domain I could lease its use to someone who wanted to create a website. But I would not be responsible for the content of the website. (For all I know someone may be already doing this?)

The registration of the domain and ownership of the website are separate issues.

does this really have much to do with domain names?

He who controls the domain name controls the website, no?

Let's think about books...

Should we insist that every single printing press has a little plaque screwed on to it with the publisher's contact details?

[misquote]He who controls the printing press controls the books it prints?[/misquote] :-)

Oh, wait. We already have a solution to this - you print the publisher's contact details in each book.

The contact details live with the published information, not with the technical equipment used in production...

On the other hand - if you use a real estate analogy to domain names. The land registry holds details of the ownership of all land. I can go to the land registry and find out the ownership details for any piece of land in the country.

A lot of people are implementing privacy anyway on WhoIs

I can go to the land registry and find out the ownership details for any piece of land in the country.

Very true, but you can't access it in an open, bot friendly format for convient scraping. Which is why any brick and mortar analogy doesn't quite seem to apply here.

I'd hate to see whois go, but at long as it's bottable it's the wrong solution if you're going to try to force people to provide data.

if you use a real estate analogy to domain names. The land registry holds details of the ownership of all land.

I'm not sure the land registry analogy is a good fit in the domain name world...

The owner of a piece of land on the high street may have nothing at all to do with the business that is based in the building built on that land, other than that the business pays rent to the landowner.

If a customer is in dispute with a high-street business, is the owner of the land involved? Is the owner of the building involved?

Do land or building owners get sued because their business-running tenants have dissatisfied customers? Do they receive cease-and-desist requests when their tenants annoy somebody? I am genuinely curious about this - I don't have much experience in the bricks-and-mortar world. Webwork, where are you when we need you? :-)

IMHO anyone coming at this from the consumer rights angle needs to focus on the business running the website, not the owner of the domain name. If they are one and the same, that's all great, but this doesn't always apply, so don't legislate against domain name owners if you're actually trying to target people running websites...

Depending on the nature of the violation, arising from the use of the land, both the landowner and the business operator can be drawn in.

For example, if I own 40 acres in an area zoned for agricultural use and I lease the land to a tow truck operator who commences to run a junkyard, I - as landowner - will not escape sanction. Why? Because the law provides that the acceptable use of my land, in that zone, is farming. It is the use of the land, and not who is using it, that brings me into conflict with the law as the landowner. I cannot circumvent the law and accountability by the device of renting the land to a stranger.

Very true, but you can't access it in an open, bot friendly format for convient scraping.

I think you have hit the real crux of the issue - people scraping the whois for less than ethical uses.

If the whois was available upon payment of a nominal fee for each domain you wished to look up - this might significantly alleviate many of the current problems.

Personally I want to be able to register a domain name in either my own name or a legal entity which I control in order that in case of a problem (such as a registrar going bust) I can prove ownership. I don't want to hide behind some 'privacy' arrangement that a registrar controls.

I have no problems with this information being available to those that need to know, or who pay a fee, but I would like to keep the info out of the public domain where spammers can access it.

Websites are another issue. None of mine are commercial, so I can be anonymous. I could put my real name on them, but then there is always the possibility of some freak throwing a brick through my window because he didn't like something I said on a web page. I have had a very threatening email in the past which promised a lot worse than a brick.